Hugging Face's logo

rez0
/
joblib-compression-scanner-bypass

Tabular Classification
Scikit-learn
Joblib
Model card Files
xet
 Community
How to use from the
Use from the
Scikit-learn library
from huggingface_hub import hf_hub_download
import joblib
model = joblib.load(
	hf_hub_download("rez0/joblib-compression-scanner-bypass", "sklearn_model.joblib")
)
# only load pickle files from sources you trust
# read more about it here https://skops.readthedocs.io/en/stable/persistence.html

Logistic Regression (Compressed)

Simple logistic regression saved with joblib compression.

Security Research

This model demonstrates that compressed joblib files (.joblib.gz, .joblib.bz2, etc.) bypass both modelscan v0.8.8 and picklescan v1.0.3 security scanners.

This is a security research PoC for responsible disclosure via huntr.

Reproduction 

import joblib
# This will execute arbitrary code - scanner bypass confirmed
model = joblib.load("model.joblib.gz")
Downloads last month
-
Inference Providers NEW
Tabular Classification
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support